Slashdot Mirror


Out-Of-the-Box Exploitation Possible On PCs From Top 5 OEMs (arstechnica.com)

According to a report published by two-factor authentication service Duo Security, third-party updating tools installed by Dell, HP, Lenovo, Acer, and Asus (the top five Windows PC OEMs) are exposing their devices to man-in-the-middle attacks. Dan Goodin reports for Ars Technica: The updaters frequently expose their programming interfaces, making them easy to reverse engineer. Even worse, the updaters frequently fail to use transport layer security encryption properly, if at all. As a result, PCs from all five makers are vulnerable to exploits that allow attackers to install malware. Duo Security adds: Hacking in practice means taking the path of least resistance, and OEM software is often a weak link in the chain. All of the sexy exploit mitigations, desktop firewalls, and safe browsing enhancements can't protect you when an OEM vendor cripples them with pre-installed software.
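The failure mode behind the summary, as an added example (not code from Duo, Ars Technica, or any of the OEMs, whose actual update protocols are not described on this page): an updater that fetches an unauthenticated manifest and only checks that the downloaded package matches the hash carried in that same manifest can be fed malware by anyone on the path, because the attacker rewrites the hash along with the URL. The hardened variant pins the vendor's public key in the updater binary and refuses any manifest whose signature does not verify, so a transport-level MITM cannot substitute content even if TLS is absent or unvalidated. The manifest format, the Ed25519 signing scheme, the host names and the payloads are all constructed for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update descriptor (constructed for this example).
type Manifest struct {
	Product string `json:"product"`
	Version string `json:"version"`
	URL     string `json:"url"`
	SHA256  string `json:"sha256"`
}

// UpdateChannel is what the updater receives over the wire: manifest bytes,
// a detached signature over those bytes, and the package itself.
type UpdateChannel struct {
	ManifestJSON []byte
	Signature    []byte
	Package      []byte
}

func sha256Hex(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// publishUpdate is the vendor side: the manifest hash covers the package,
// and the vendor's private key signs the manifest.
func publishUpdate(priv ed25519.PrivateKey, product, version, url string, pkg []byte) (UpdateChannel, error) {
	mj, err := json.Marshal(Manifest{Product: product, Version: version, URL: url, SHA256: sha256Hex(pkg)})
	if err != nil {
		return UpdateChannel{}, err
	}
	return UpdateChannel{ManifestJSON: mj, Signature: ed25519.Sign(priv, mj), Package: pkg}, nil
}

// mitmSwap is the on-path attacker (rogue DNS via DHCP, evil-twin AP, proxy):
// point the manifest at a malicious package and recompute the hash so the
// manifest stays internally consistent. The vendor signature cannot be forged,
// so the original one is simply replayed.
func mitmSwap(ch UpdateChannel, malicious []byte) (UpdateChannel, error) {
	var m Manifest
	if err := json.Unmarshal(ch.ManifestJSON, &m); err != nil {
		return UpdateChannel{}, err
	}
	m.URL = "http://updates.example.invalid/evil.exe" // hypothetical attacker host
	m.SHA256 = sha256Hex(malicious)
	mj, err := json.Marshal(m)
	if err != nil {
		return UpdateChannel{}, err
	}
	return UpdateChannel{ManifestJSON: mj, Signature: ch.Signature, Package: malicious}, nil
}

// weakAccept is the vulnerable pattern: trust the manifest as received and
// only check that the package matches the hash that arrived with it. The hash
// came over the same unauthenticated channel, so a swapped package passes.
func weakAccept(ch UpdateChannel) error {
	var m Manifest
	if err := json.Unmarshal(ch.ManifestJSON, &m); err != nil {
		return err
	}
	if sha256Hex(ch.Package) != m.SHA256 {
		return errors.New("package hash mismatch")
	}
	return nil
}

// strongAccept verifies the manifest signature against a key pinned in the
// updater before trusting any field in it, then checks the package hash.
func strongAccept(pinned ed25519.PublicKey, ch UpdateChannel) error {
	if !ed25519.Verify(pinned, ch.ManifestJSON, ch.Signature) {
		return errors.New("manifest signature invalid: refusing update")
	}
	return weakAccept(ch) // hash check is only meaningful once the manifest is authenticated
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	genuine := []byte("constructed sample: genuine update payload")
	malicious := []byte("constructed sample: attacker payload")
	ch, _ := publishUpdate(priv, "ExampleUpdater", "1.2.3", "http://updates.example.invalid/genuine.exe", genuine)
	tampered, _ := mitmSwap(ch, malicious)

	fmt.Println("genuine,  weak:  ", weakAccept(ch))
	fmt.Println("tampered, weak:  ", weakAccept(tampered)) // nil: malware accepted
	fmt.Println("genuine,  strong:", strongAccept(pub, ch))
	fmt.Println("tampered, strong:", strongAccept(pub, tampered)) // rejected
}
```

Signing the manifest is the check that survives a hostile network; it complements rather than replaces fetching the manifest and package over TLS with certificate validation, which is the transport-level fix the report says these updaters skipped. Whichever key is pinned must also be protected from being overridden by anything fetched over the same channel.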

1 of 81 comments

  1. Re:Sensationalized news, by omnichad · Score: 4, Informative

    > A) hack into the Internet back-end routers; or B) physically colocate on your private network

    Or just compromised DNS on your router. There are an awful lot of vulnerable router firmwares out there still in common use.

    > Such an attack would need to connect to the local wifi, spoof ARP packets of the router at your particular device, spoof ARP packets of your device at the router, and interpose itself.

    You give coffee shops too much credit. Log into the router after getting on the free wifi, because the username and password are still set to the factory default. Change the default DNS servers handed out on DHCP to your external host. No need to spoof anything.

    For that matter, if the coffee shop has a lower-power AP, you can just bring in a discreet high-powered AP and use the same SSID. Laptops will just connect to the strongest signal with the same SSID. Instant MITM.